On Fri, Jul 19, 2002 at 09:17:18AM -0700, Marc MERLIN wrote:
On Fri, Jul 19, 2002 at 08:47:26AM -0700, Chuq Von Rospach wrote:
My secondary MXes are locked down even tighter for that exact reason,
One of the things I'm wondering is whether you could set up a trap up in the high MX records. You'd have to make sure your real mail system never failed badly enough to wander up there, but could you create problems by putting a tar baby up there?
I don't know if I would. I'm sure some legitimate MTAs and DNS servers would somehow sometimes end up with your highest MX. That said, I have indeed not tried it, it may virtually never happen.
I wouldn't do it myself, but if you make 2 ip addresses on the same system with one higher pref and one lower pref, and ran the tarpit (or at least an information collector) on the the higher pref ip address, you may get a decent sample on whether or not your idea is going to interfere with your regular service. Since both are on the same system, nothing should ever contact the higher of the 2.
-- The 5 year plan: In five years we'll make up another plan. Or just re-use this one.